The sophisticated Nimda worm virus that plagued computers around the globe last week did not spare the Tufts network. The virus snaked its way across campus computers primarily through the popular e-mail program Microsoft Outlook, creating traffic jams on Microsoft Internet servers and rendering some networks inoperable.
The virus was particularly destructive because its unique code could not be identified by virus protection programs. Unlike other viruses, a user does not have to open the e-mail attachment to become infected. "This new virus is another step forward for viruses," said Dan Weir, director of University Information Technology Support Services. "If you simply view it you get the strain."
The worm was classified as 'high risk' by the anti-virus company McAfee because it spread so easily. And according to the Weir, the worm surprised network managers, preventing precautionary measures. If there had been a warming against the virus, Tufts could have guarded its networks, Weir said. "We would have been out in front of this one... if there was a solution prior to its hitting," he said.
But even if the University's computers could have been protected, it is likely that the virus would have made its way through student computers. Only about 20 percent of computer users regularly update their virus protection programs.
Some students are unaware that virus programs require constant updates to be effective, according to Weir. To prevent the spread of viruses among student computers, Tufts is devising a plan to provide automatic virus protection and updates through the Tufts network.
"Even though the virus protection program is installed and turned on, people don't realize... that they need to [update it] nearly every day," Weir said. "We're looking at a virus solution for students informing them on how to keep their systems up-to-date."
Student organizations were among the hardest hit by the Nimda virus. A number of servers, including the network at The Tufts Daily office, had to be taken offline to be repaired.
The complicated virus was difficult to fix, according to the Daily's Systems Manager Seth Kaufman. At the Daily, infected computers had to be individually taken off the network before Kaufman could remove the virus. Once the source of the virus was cut off, Kaufman downloaded a "patch" from an anti-virus website. Code had to be manually changed to undo the changes imposed by the virus. "This was a fast-spreading virus," Kaufman said.
"It takes over the network and every single computer is affected, so it slows things down," he added.
Each computer required an hour's worth of maintenance, and it took Kaufman more than 12 hours to restore service back to normal.
Faculty Internet servers are outfitted with an "enterprise" virus program that protects nearly 80 percent of staff computers. The software allows Tufts technicians to automatically update University computers on the network with the click of a mouse, relieving users of the responsibility to guard against viruses.
"Virus protection is delivered to their screen whether they like it or not," Weir said. "The next hurdle is to get the number of computers protected on the student side as high as possible for both virus protection and system updates."
The "enterprise" software has thwarted a number of attacks on the faculty network. And most faculty members use Netscape Messenger rather than Outlook, giving added protecting from the Nimda strain.
"Lots of people are used to Outlook and Outlook Express," Weir said. "However, the University recommends and supports Netscape Messenger in part because Outlook has this vulnerability to viruses."
Students will be trained to use Netscape Messenger to check their Tufts e-mail account when the University completes the switch from Emerald-based e-mail to Coral. The shift will decrease the number of students who use Outlook and should reduce the amount of virus infections on the Tufts network.
